package pj.oauth2;

import cn.dev33.satoken.context.SaHolder;
import cn.dev33.satoken.context.model.SaRequest;
import cn.dev33.satoken.context.model.SaResponse;
import cn.dev33.satoken.oauth2.SaOAuth2Manager;
import cn.dev33.satoken.oauth2.config.SaOAuth2Config;
import cn.dev33.satoken.oauth2.logic.SaOAuth2Consts;
import cn.dev33.satoken.stp.StpUtil;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.util.DigestUtils;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import pj.byt.MySaOAuth2Handle;
import pj.model.Result;
import pj.utils.GuoMiSM4;

import java.nio.charset.StandardCharsets;

/**
 * OAuth2ServerController
 * 新版规范化的授权流程
 * @author grl
 * @date 2023/8/24
 */
@Slf4j
@RestController
public class Oauth2ServerController {


    /**
     * 三方授权
     * @return
     */
    @RequestMapping("/byt/oauth2/*")
    public Object getAuthorizeCode(){
        SaRequest req = SaHolder.getRequest();
        String clientId = req.getParam(SaOAuth2Consts.Param.client_id);
        String sign = req.getParam("sign");
        if(StringUtils.isBlank(clientId)){
            return Result.fail().msg("clientId不能为空！");
        }
        if(StringUtils.isBlank(sign)){
            return Result.fail().msg("sign不能为空！");
        }
        JSONObject paramObj;
            // 需要解密 clientSecret 通过数据库获取
            String clientSecret = "7c53ea2d12a8302abcc8033dff76000f";
            String clientSecretMd5 = DigestUtils.md5DigestAsHex(clientSecret.getBytes(StandardCharsets.UTF_8));
            try{
                String paramStr = GuoMiSM4.decryptEcb(sign, clientSecretMd5);
                paramObj = JSON.parseObject(paramStr);
                if(StringUtils.isBlank(paramStr)){
                    return Result.fail().msg("签名不能为空！");
                }
            }catch (Exception e){
                return Result.fail().msg("签名解密失败！");
            }
            if(paramObj == null){
                return Result.fail().msg("参数不能为空！");
            }
            // 接入方域名 通过数据库获取 serverRedirectUri 链接获取
            String serverRedirectUri = "sdk://com.sdk.demo/page1";
            paramObj.put("serverRedirectUri",serverRedirectUri);
        return MySaOAuth2Handle.serverRequest(paramObj);
    }

    /**
     * 授权确认
     * @return
     */
    @PostMapping("/byt/oauth/doConfirm")
    public Object doConfirm(){
        SaRequest req = SaHolder.getRequest();
        String loginId = StpUtil.getLoginIdAsString();
        // 判断授权弹出窗是否过期
        // String redisKey = "byt-a:oauth:confirm:expireStr:"+clientId+":"+scope+":"+loginId;
        return MySaOAuth2Handle.doConfirm(req);
    }

    /**
     * 授权确认
     * @return
     */
    @PostMapping("/byt/oauth/doLogin")
    public Object doLogin(){
        SaRequest req = SaHolder.getRequest();
        SaResponse res = SaHolder.getResponse();
        SaOAuth2Config cfg = SaOAuth2Manager.getConfig();
        MySaOAuth2Handle.doLogin(req, res, cfg);
        String tokenValue = StpUtil.getTokenValue();
        return Result.ok().data("token","Bearer "+tokenValue);
    }
}
